IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
In Samba3 there is a very handy Makefile target 'test_pam_modules'. It let
quickly veryfy, that obtained PAM module actually is loadable and doesn't
miss any dependency libs. the only problem that on FreeBSD it doesn't work
OOTB, as it unconditionally adds -ldl to the list of libraries when FreeBSD
doesn't have it and doesn't need it.
This small patch fixes the problem for FreeBSD and, I hope, still valid
for othe systems, where -ldl is required. Has to be tested there though.
With regards,
Timur Bakeyev.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
The purpose of this module is to connect to a locally running samba4 ldap
server for an alternative "Franky" setup. Right now it contains a couple of
gross hacks: For example it just takes the s4-chosed RID directly as uid/gid...
Checking in tldap and pdb_ads now, I think 3777 insertions are enough for a
start...
There's a lot of things this does not do yet: For example it does not parse the
reply blob in the sasl bind, it does not do anything with controls yet, a lot
of the ldap requests are not covered yet. But it provides a basis for me to
play with a pdb_ads passdb module.
This tool (in contrast to tdbtool) reads Samba's configuration
and if clustering = yes, it talks to CTDB instead of accessing
the TDB data bases directly. This is done by simply using
the dbwrap mechanim, just like the Samba daemons.
This first version can read and write int32 and uint32 values
and delete records from a (c)tdb database.
More operations will follow.
This tool can already be useful in CTDB environments, e.g. when
"net idmap restore" fails to set the USER and GROUP HWM keys,
because the methods are deliberately not implemented in
idmap_tdb2.c. You can manually set the high water marks
with
"dbwrap_tool store idmap_tdb2.tdb 'USER HWM' int32 12345"
and
"dbwrap_tool store idmap_tdb2.tdb 'GROUP HWM' int32 67890"
Michael
- This adds two functions: smbc_thread_posix() which provides access to the
internal threading implementation using pthread; and smbc_thread_impl()
where the user provides each of the functions required by Samba, to give
access to the thread implementation's native capabilities.
Derrell
Included if pthreads are found, can be disabled with --enable-pthreadpool=no
Tim, Steven, I haven't yet seen comments from you. You have been asking for
such a thing at SambaXP. Do you like this? :-)
This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).
We still provide creds_hash3 until Samba3 uses the credentials code in
netlogon server
Andrew Bartlett
This is based on a patch from the debian packages
by Steve Langasek <vorlon@debian.org>.
It removes the static libs from the object collections.
For those libs that are set up with SMB_LIBRARY().
Michael
This reverts commit 8532faffd0.
swat needs zlib through ../librpc/ndr/ndr_compression.c, function
ndr_pull_compression_mszip_chunk(). This fails to link at least
on our build farm bsd boxes.
Michael
This reverts commit 1f265548e7.
smbd needs zlib through ../librpc/ndr/ndr_compression.c, function
ndr_pull_compression_mszip_chunk(). This fails to link at least
on our build farm bsd boxes.
Michael
we can provide the path to ctdb via the --with-ctdb=... configure flag like we
do it with other packageѕ, too. There is no need for another redundnant
Makefile hack to point the ctdb header location
Signed-off-by: Michael Adam <obnox@samba.org>
This is a really nasty one to fix as in order to successfully update the
passdb.tdb we must do the equivalent of a tdbbackup to move to the new hash
values before we do the upgrade.
Jeremy.
This fixes a bug in 116ce19b, where we didn't clear the pid cache in
become_daemon() and thus the /var/run/smbd.pid didn't match the actual
pid of the parent process.
Currently S4 will clear the pid cache on fork but doesn't yet take
advantage of the pid cache by using sys_pid() instead of the direct
get_pid().
Implements a custom backend for onefs that exclusively uses the wbclient
interface for all passdb calls.
It lacks some features of a standard passdb.
In particular it's a read only interface and doesn't implement privileges.
This new backend is custom tailored to onefs' unique requirements:
1) No fallback logic
2) Does not validate the domain of the user
3) Handles unencrypted passwords
The OneFS Samba implementation of change notify is modeled after the
usage of Linux's inotify kernel subsystem. A single call is made
into the onefs.so VFS module to initialize kernel tracking of certain
file change events. When these events occur a kernel notification is
sent to smbd and the notification event is translated and given to the
general Samba Change Notify layer through a callback function.
The most difficult aspect is converting an SMB CompletionFilter to
a matching ifs_event mask, and then back to an appropriate change
notify action. Currently, not all possible cases are handled by the
this module, but the most prevalent ones, which are tested by
smbtorture, are implemented.
* Much of the beginning should look familiar, as I re-used the OneFS oplock
callback record concept. This was necessary to keep our own state around - it
really only consists of a lock state, per asynchronous lock that is currently
unsatisfied. The onefs_cbrl_callback_records map to BLRs by the id.
* There are 4 states an async lock can be in. NONE means there is no async
currently out for the lock, as opposed to ASYNC. DONE means we've locked
*every* lock (keep in mind a request can ask for multiple locks at a time.)
ERROR is an error.
* onefs_cbrl_async_success: The lock_num is incremented, and the state changed,
so that when process_blocking_lock_queue is run, we will try the *next* lock,
rather than the same one again.
* onefs_brl_lock_windows() has some complicated logic:
* We do a no-op if we're passed a BLR and the matching state is ASYNC --
this means Samba is trying to get the same lock twice, and we just need
to wait longer, so we return an error.
* PENDING lock calls happen when the lock is being queued on the BLQ -- we
do async in this case.
* We also do async in the case that we're passed a BLR, but the lock is not
pending. This is an async lock being probed by process_blocking_lock_queue.
* We do a sync lock for any normal first request of a lock.
* Failure is returned, but it doesn't go to the client unless the lock has
actually timed out.
OneFS provides the bulk directory enumeration syscall readdirplus(). This
syscall has the same semantics as the NFSv3 READDIRPLUS command, returning
a batch of directory entries with prefetched stat information via one
syscall.
This commit wraps the readdirplus() call in the existing POSIX
readdir/seekdir VFS interface. By default a batch of 128 directory entries
are optimistically read from the kernel into a global cache, and fed to
iterative calls of VFS_OP_READDIR.
The global buffers could be avoided in the future by hanging connection
specific buffers off the conn struct.
Added new parameter "onefs:use readdirplus" which toggles usage of this
code on or off.
A few functions in oplocks_onefs.c need to be accessed from the onefs
vfs module. It would be ideal if oplocks were implemented at the vfs
layer, but since they aren't yet, a new header is added to
source3/include to make these functions available to the onefs vfs
module. oplocks_onefs.o doesn't need to be linked into the onefs vfs
module explicitly, since it is already linked into smbd by default.
This changelist allows for the addition of custom performance
monitoring modules through smb.conf. Entrypoints in the main message
processing code have been added to capture the command, subop, ioctl,
identity and message size statistics.
The idea of this is that all client utils like smbpasswd and also for example
"net join" do not access our internal databases like passdb and secrets.tdb
directly anymore but pass everything throught the well-established RPC
interfaces.
The way you use this is the following: With rpc_cli_smbd_conn_init() or its
async variant you initialize a "struct rpc_cli_smbd_conn". This structure is
the link to a freshly forked smbd, ready to be used for RPC services. You
should only ever have one such structure in your program. More don't hurt, but
are plainly unnecessary.
If you want to use the SAMR pipe to change a passwort, you connect to that pipe
with rpc_pipe_open_local. Do you normal rpccli_samr calls on that and your
locally forked smbd will connect to passdb for you.
GD, this might make the distinction between the _l and _r calls in libnetapi
mostly unnecessary. At least it is intended to do so... :-)
- Adds new -c <custom conf> option to selftest.sh that when specified
adds a line to make test's server.conf: "include <custom conf>"
- Adds getopts processing to selftest.sh
- Changes selftest.sh shrdir arg to use -s <shrdir>
- Changes selftest.sh smbtorture4_path arg to use -t <smbtortur4 path>
- Adds configure option --with-selftest-custom-conf=<custom conf>
- Updates Makefile.in to take advantage of the new/changed parameters
This adds a lua command line interpreter with some sample code how to build
your own data types based on our internal data types.
Not meant as the final word, but as a playground for experiments for people.
Might be removed later when we find this turns out to be too awkward.
This is the first pass at extending the onefs vfs module to support
the CIFS-specific enhancements available on OneFS. Most of this patch
is massaging the sama open path to work with ifs_createfile.
ifs_createfile is a CIFS-specific syscall for opening/files and
directories. It adds support for:
- Full in-kernel access checks using a windows access_mask
- Cluster-coherent share mode locks
- Cluster-coherent oplocks
- Streams
- Setting security descriptors at create time
- Setting dos_attributes at create time
This patch does not implement the samba side of the streams support or
oplocks support. Tests that expect oplocks to be granted or streams
to be supported will fail. This will be remedied in upcoming patches.
Add to the OneFS VFS module, support for NTFS ACLs through the calls:
SMB_VFS_FGET_NT_ACL()
SMB_VFS_GET_NT_ACL()
SMB_VFS_FSET_NT_ACL()
Also create several new onefs specific smb.conf parameters in onefs.h
This removes the build-dependency on perl that was introduced in
commit e0905c3090.
The tables can now be re-built with "make ndr-tables".
This is also called by make samba3-idl to ensure that the tables
are updated after idl changes.
This hopefully fixes the build on some build farm hosts (e.g. gwen).
Michael
This causes make to fail on at least HP-UX and MacOS X with message
"no rule to make target -lz" or similar, when these object collections
are specified in dependencies.
Michael
Some systems need to have the tdbs (and other files required for samba
to run) on a different filesystem than the share directory that samba
is exporting.
This patch:
- Adds an optional "shrdir" argument to selftest.sh
- If shrdir is specified it will be used, otherwise the default
will be used: "<prefix>/tmp"
- Adds a new configure option: --with-selftest-shrdir
- Plumbs shrdir through Makefile.in and configure.in
This is to prevent problems with packaging scripts that pass CFLAGS
to make but not to make install...
Based on a patch for v3-2 by Martin Schwenke <martin@meltin.net>.
Michael
The util-linux-ng sources have a good, but rather complex scheme for
locking the mtab before updating it. Mount helpers need to follow the
same scheme. Advisory locking only works if everyone is using the same
locking scheme.
Copy the routines we need from util-linux-ng into a separate source file
and then have mount.cifs and umount.cifs link in this object.
The long term goal is to have these routines in a separate helper
library (libmount). Mount helpers can then dynamically link in that lib.
Until that happens, this should serve as a suitable stopgap solution.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
and other systems where sh does not support "export FOO=bar"
by separating setting and exporting the variable.
Thanks to Yasuma Takeda <yasuma@osstech.co.jp> for the patch.
Michael
